For businesses large and small, relying on a cloud-based collaboration and productivity suite such as Microsoft Office 365 is becoming the norm. Enhancing productivity in your organisation is vital to get ahead in 2017 - and using Office 365 can help, if it's used right...

"We think this may be one of the most powerful Netscape Communicator exploits ever," said Bennett Haselton, a bug hunter and head of PeaceFire, an organisation dedicated to fighting content filtering on the web.

A Netscape spokeswoman said the company is testing two possible fixes which will be added to the 4.7 release of the browser.

The vulnerability is caused by a combination of technologies that allows an unfriendly website operator to avoid the browser's security features.

Users can use frames or windows to get at files in their computers so windows opened from the local disk have weak security features. Stronger cross frame security features should prevent web authors from using JavaScript to transfer data from a window on a user's computer to a window belonging to the website operator.

However, Haselton showed that a website operator could introduce JavaScript code through a cookie inserted onto the user's hard drive.

"Getting 'read' access to the user's hard drive is the second most powerful exploit you can possibly launch. If I run the exploit on a specific person, I can determine what other sites they have visited," he said, adding that the ability to execute code on a person's computer is the most powerful.

He also noted that the problem only occurs if the user has their profile name set on default, which applies to most users.

The Netscape spokeswoman cited the conditions necessary for an exploit to occur and the fact that only links could be accessed. The company also suggests users concerned about the vulnerability to turn off JavaScript and to refuse to accept cookies or only accept them from trusted sources.